Vulnerabilities > CVE-2021-23134 - Use After Free vulnerability in multiple products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZYORWNQIHNWRFYRDXBWYWBYM46PDZEN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZYORWNQIHNWRFYRDXBWYWBYM46PDZEN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QALNQT4LJFVSSA3MWCIECVY4AFPP4X77/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QALNQT4LJFVSSA3MWCIECVY4AFPP4X77/
- https://security.netapp.com/advisory/ntap-20210625-0007/
- https://security.netapp.com/advisory/ntap-20210625-0007/
- https://www.openwall.com/lists/oss-security/2021/05/11/4
- https://www.openwall.com/lists/oss-security/2021/05/11/4